Test ID:	1.3.6.1.4.1.25623.1.1.4.2023.0761.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2023:0761-1)
Summary:	The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2023:0761-1 advisory.
Description:	Summary: The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2023:0761-1 advisory. Vulnerability Insight: This update for qemu fixes the following issues: - bsc#1172033 (CVE-2020-13253) - bsc#1180207 (CVE-2020-14394) - bsc#1172382 (CVE-2020-13754) - bsc#1198038 (CVE-2022-0216) - bsc#1193880 (CVE-2021-3929) - bsc#1197653 (CVE-2022-1050) - bsc#1205808 (CVE-2022-4144), bsc#1198712 (CVE-2022-26354) - bsc#1175144 (CVE-2020-17380, CVE-2020-25085, CVE-2021-3409), bsc#1185000 (CVE-2021-3507), bsc#1201367, CVE-2022-35414 - About bsc#1175144, see also bsc#1182282 (CVE-2021-3409) - bsc#1198035, CVE-2021-4206 Affected Software/OS: 'qemu' package(s) on SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP Applications 12-SP5. Solution: Please install the updated package(s). CVSS Score: 6.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-13253 https://security.gentoo.org/glsa/202011-09 https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg05835.html https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://usn.ubuntu.com/4467-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-13754 Debian Security Information: DSA-4728 (Google Search) https://www.debian.org/security/2020/dsa-4728 https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00004.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html http://www.openwall.com/lists/oss-security/2020/06/15/8 Common Vulnerability Exposure (CVE) ID: CVE-2020-14394 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/ https://bugzilla.redhat.com/show_bug.cgi?id=1908004 https://gitlab.com/qemu-project/qemu/-/issues/646 https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html Common Vulnerability Exposure (CVE) ID: CVE-2020-17380 https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html http://www.openwall.com/lists/oss-security/2021/03/09/1 Common Vulnerability Exposure (CVE) ID: CVE-2020-25085 https://bugs.launchpad.net/qemu/+bug/1892960 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html https://lists.debian.org/debian-lts-announce/2020/11/msg00047.html Common Vulnerability Exposure (CVE) ID: CVE-2021-3409 GLSA-202208-27 https://security.gentoo.org/glsa/202208-27 [debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update https://bugzilla.redhat.com/show_bug.cgi?id=1928146 https://security.netapp.com/advisory/ntap-20210507-0001/ https://www.openwall.com/lists/oss-security/2021/03/09/1 Common Vulnerability Exposure (CVE) ID: CVE-2021-3507 [debian-lts-announce] 20220905 [SECURITY] [DLA 3099-1] qemu security update https://bugzilla.redhat.com/show_bug.cgi?id=1951118 https://security.netapp.com/advisory/ntap-20210528-0005/ Common Vulnerability Exposure (CVE) ID: CVE-2021-3929 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XHNN7QJCEQH7AQG5AQP2GEFAQE6K635I/ https://access.redhat.com/security/cve/CVE-2021-3929 https://bugzilla.redhat.com/show_bug.cgi?id=2020298 https://gitlab.com/qemu-project/qemu/-/commit/736b01642d85be832385 https://gitlab.com/qemu-project/qemu/-/issues/556 https://gitlab.com/qemu-project/qemu/-/issues/782 Common Vulnerability Exposure (CVE) ID: CVE-2021-4206 Debian Security Information: DSA-5133 (Google Search) https://www.debian.org/security/2022/dsa-5133 https://bugzilla.redhat.com/show_bug.cgi?id=2036998 https://starlabs.sg/advisories/21-4206/ Common Vulnerability Exposure (CVE) ID: CVE-2022-0216 FEDORA-2022-4387579e67 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTY7TVHX62OJWF6IOBCIGLR2N5K4QN3E/ https://access.redhat.com/security/cve/CVE-2022-0216 https://bugzilla.redhat.com/show_bug.cgi?id=2036953 https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc4 https://gitlab.com/qemu-project/qemu/-/issues/972 https://starlabs.sg/advisories/22/22-0216/ Common Vulnerability Exposure (CVE) ID: CVE-2022-1050 https://bugzilla.redhat.com/show_bug.cgi?id=2069625 Common Vulnerability Exposure (CVE) ID: CVE-2022-26354 DSA-5133 [debian-lts-announce] 20220404 [SECURITY] [DLA 2970-1] qemu security update https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html https://gitlab.com/qemu-project/qemu/-/commit/8d1b247f3748ac4078524130c6d7ae42b6140aaf https://security.netapp.com/advisory/ntap-20220425-0003/ Common Vulnerability Exposure (CVE) ID: CVE-2022-35414 https://github.com/qemu/qemu/blob/f200ff158d5abcb974a6b597a962b6b2fbea2b06/softmmu/physmem.c https://github.com/qemu/qemu/blob/v7.0.0/include/exec/cpu-all.h#L145-L148 https://github.com/qemu/qemu/commit/3517fb726741c109cae7995f9ea46f0cab6187d6#diff-83c563ed6330dc5d49876f1116e7518b5c16654bbc6e9b4ea8e28f5833d576fcR482 https://github.com/qemu/qemu/commit/3517fb726741c109cae7995f9ea46f0cab6187d6#diff-83c563ed6330dc5d49876f1116e7518b5c16654bbc6e9b4ea8e28f5833d576fcR482.aa https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c https://gitlab.com/qemu-project/qemu/-/issues/1065 https://sick.codes/sick-2022-113 https://www.mail-archive.com/qemu-devel@nongnu.org/msg895266.html https://www.qemu.org/docs/master/system/security.html#non-virtualization-use-case Common Vulnerability Exposure (CVE) ID: CVE-2022-4144 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/ https://bugzilla.redhat.com/show_bug.cgi?id=2148506 https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.